diff --git a/classes/class-plugin.php b/classes/class-plugin.php index c4b7f2c34..9a61fe407 100755 --- a/classes/class-plugin.php +++ b/classes/class-plugin.php @@ -18,7 +18,7 @@ class Plugin { * * @const string */ - const VERSION = '3.9.2'; + const VERSION = '3.9.3'; /** * WP-CLI command diff --git a/readme.txt b/readme.txt index 4ea1932d0..21565522c 100644 --- a/readme.txt +++ b/readme.txt @@ -2,8 +2,8 @@ Contributors: xwp Tags: wp stream, stream, activity, logs, track Requires at least: 4.5 -Tested up to: 6.1 -Stable tag: 3.9.2 +Tested up to: 6.2 +Stable tag: 3.9.3 License: GPLv2 or later License URI: https://www.gnu.org/licenses/gpl-2.0.html @@ -84,7 +84,7 @@ There are several ways you can get involved to help make Stream better: Thank you for wanting to make Stream better for everyone! -Past Contributors: fjarrett, shadyvb, chacha, westonruter, johnregan3, jacobschweitzer, lukecarbis, kasparsd, bordoni, dero, faishal, rob, desaiuditd, DavidCramer, renovate-bot, marcin-lawrowski, JeffMatson, Powdered-Toast-Man, johnolek, johnbillion, greguly, pascal-klaeres, szepeviktor, rheinardkorf, frozzare, khromov, dkotter, bhubbard, stipsan, stephenharris, omniwired, kopepasah, joehoyle, eugenekireev, barryceelen, valendesigns, tlovett1, tareiking, stayallive, sayedtaqui, robbiet480, oscarssanchez, kidunot89, johnwatkins0, javorszky, jamesgol, desrosj, davelozier, davefx, cfoellmann, JustinSainton, JJJ, postphotos +Past Contributors: fjarrett, shadyvb, chacha, westonruter, johnregan3, jacobschweitzer, lukecarbis, kasparsd, bordoni, dero, faishal, rob, desaiuditd, DavidCramer, renovate-bot, marcin-lawrowski, JeffMatson, Powdered-Toast-Man, johnolek, johnbillion, greguly, pascal-klaeres, szepeviktor, rheinardkorf, frozzare, khromov, dkotter, bhubbard, stipsan, stephenharris, omniwired, kopepasah, joehoyle, eugenekireev, barryceelen, valendesigns, tlovett1, tareiking, stayallive, sayedtaqui, robbiet480, oscarssanchez, kidunot89, johnwatkins0, javorszky, jamesgol, desrosj, davelozier, davefx, cfoellmann, JustinSainton, JJJ, postphotos, schlessera == Screenshots == @@ -103,6 +103,12 @@ Track changes to posts when using the block editor. == Changelog == += 3.9.3 - April 25, 2023 = + +- Fix: [Security] CVE-2022-43490: Temporarily remove uninstall flow to avoid inadvertent uninstallation of the plugin, props [@Lucisu](https://github.com/Lucisu) via [Patchstack](https://patchstack.com/). +- Fix: [Security] CVE-2022-43450: Check for capabilities in 'wp_ajax_load_alerts_settings' AJAX action before loading alert settings, props [@Lucisu](https://github.com/Lucisu) via [Patchstack](https://patchstack.com/). +- Development: Mark as tested with the latest version 6.2 of WordPress. + = 3.9.2 - January 10, 2023 = - Fix: [Security] Check authorization on 'save_new_alert' AJAX action [#1391](https://github.com/xwp/stream/pull/1391), props [marcS0H](https://github.com/marcS0H) (WPScan) diff --git a/stream.php b/stream.php index 311c2b78b..44e4eeff6 100644 --- a/stream.php +++ b/stream.php @@ -3,7 +3,7 @@ * Plugin Name: Stream * Plugin URI: https://xwp.co/work/stream/ * Description: Stream tracks logged-in user activity so you can monitor every change made on your WordPress site in beautifully organized detail. All activity is organized by context, action and IP address for easy filtering. Developers can extend Stream with custom connectors to log any kind of action. - * Version: 3.9.2 + * Version: 3.9.3 * Author: XWP * Author URI: https://xwp.co * License: GPLv2+